.

Merged by Trez.One

.gitea/workflows/branch-sonarscan-pr-merge.yml

@@ -1,163 +0,0 @@
-name: Gitea Branch PR, SonarQube Analyze, and Merge Workflow
-
-on:
-  push:
-    branches-ignore:
-      - main
-
-jobs:
-  # Job 1: Check if PR exists and create one if the branch is new
-  check-and-create-pr:
-    name: Check and Create PR
-    runs-on: ubuntu-latest
-    outputs:
-      pr_created: ${{ steps.cc-pr.outputs.pr_created }}
-      pr_number: ${{ steps.cc-pr.outputs.pr_index }}
-    steps:
-      - name: Checkout Code
-        uses: actions/checkout@v4
-
-      - name: PR Check/Create
-        id: cc-pr
-        run: |
-          echo "Checking for existing PR..."
-          pr_check=$(curl ${{ vars.RINOA_GITEA_URL }}/api/v1/repos/${{ github.repository }}/pulls/main/${{ github.ref_name }} \
-            -X 'GET' \
-            -H 'Accept: application/json' \
-            -H 'Authorization: token ${{ secrets.BOT_GITEA_TOKEN }}' \
-            -s | jq '{index: .number, state: .state}')
-          pr_status=$(echo ${pr_check} | jq -r '.state')
-          if [ "${pr_status}" == "open" ]; then
-            echo "PR already exists. PR number: $(echo ${pr_check} | jq -r '.index')"
-            echo "pr_created=false" >> "$GITHUB_OUTPUT"
-            echo "pr_index=$(echo ${pr_check} | jq -r '.index')" >> "$GITHUB_OUTPUT"
-          elif [ "${pr_status}" == "closed" ]; then
-            echo "PR does not exist. Creating PR..."
-            pr_response=$(curl ${{ vars.RINOA_GITEA_URL }}/api/v1/repos/${{ github.repository }}/pulls -s \
-              -X 'POST' \
-              -H 'Accept: application/json' \
-              -H 'Authorization: token ${{ secrets.BOT_GITEA_TOKEN }}' \
-              -H 'Content-Type: application/json' \
-              -d '{
-                "base": "main",
-                "head": "'"${{ github.ref_name }}"'",
-                "title": "Automated PR for branch '"${{ github.ref_name }}"'",
-                "body": "This is an automated PR created for branch '"${{ github.ref_name }}"'."
-              }')
-            pr_index=$(echo ${pr_response} | jq -r '.number')
-            echo "PR created. PR number: ${pr_index}"
-            echo "pr_created=true" >> "$GITHUB_OUTPUT"
-            echo "pr_index=${pr_index}" >> "$GITHUB_OUTPUT"
-          else
-            echo "Error checking for existing PR. Exiting..."
-            exit 1
-          fi
-
-  sonarqube-analysis:
-    name: SonarQube Analysis
-    runs-on: ubuntu-latest
-    needs: check-and-create-pr
-    outputs:
-      qg_status: ${{ steps.quality-gate.outputs.quality-gate-status }}
-    steps:
-      - name: Checkout Code
-        uses: actions/checkout@v4
-
-      - name: SonarQube Scan
-        uses: sonarsource/sonarqube-scan-action@v4.1.0
-        env:
-          SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
-          SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
-
-      - name: SonarQube Quality Gate
-        id: quality-gate
-        uses: sonarsource/sonarqube-quality-gate-action@v1.1.0
-        env:
-          SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
-          SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
-
-      - name: Custom Quality Gate Check
-        uses: DesarrolloORT/sonarqube-quality-gate-action@v1.0.1
-        id: quality-gate-check
-        with:
-          sonar-project-key: rinoa-docker
-          sonar-host-url: ${{ secrets.SONARQUBE_HOST }}
-          sonar-token: ${{ secrets.SONARQUBE_TOKEN }}
-
-      - name: JSON clean-up for proccessing...
-        id: json-cleanup
-        run: |
-          echo "Cleaning up quality gate response..."
-          echo '${{ steps.quality-gate-check.outputs.quality-gate-result }}' > qg_input.txt
-          sed -E 's/([a-zA-Z0-9_]+):/\\"\1\\":/g; s/:([^",{}\[\]]+)/:"\1"/g' qg_input.txt > qg_raw.json
-          jq -c '.' qg_raw.json > qg_fixed_json.json
-          projstatus=$(jq -r '.projectStatus.status' qg_fixed_json.json)
-          caycStatus=$(jq -r '.projectStatus.caycStatus' qg_fixed_json.json)
-          conditions=$(jq -c '.projectStatus.conditions' qg_fixed_json.json)
-          echo "projstatus=${projstatus}" >> $GITHUB_OUTPUT
-          echo "caycStatus=${caycStatus}" >> $GITHUB_OUTPUT
-          echo "conditions=${conditions}" >> $GITHUB_OUTPUT
-
-      - name: Convert JSON to Markdown Table
-        id: convert-json-to-md
-        uses: buildingcash/json-to-markdown-table-action@v1.1.0
-        with:
-          json: "${{ steps.json-cleanup.outputs.conditions }}"
-
-      - name: Post SonarQube Results as Comment
-        env:
-          PR_NUMBER: ${{ needs.check-and-create-pr.outputs.pr_number }}
-          SQ_RESULTS: ${{ steps.convert-json-to-md.outputs.table }}
-          QG_STATUS: ${{ steps.quality-gate.outputs.quality-gate-status }}
-          RINOA_GITEA_URL: ${{ vars.RINOA_GITEA_URL }}
-          GITHUB_REPOSITORY: ${{ github.repository }}
-          BOT_GITEA_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }}
-        run: |
-          formatted_results=$(echo "${SQ_RESULTS}" | sed 's/\\n/\
-          /g')
-          payload=$(jq -n \
-            --arg body "SonarQube analysis results:
-                <br>
-                ${{ env.SQ_RESULTS }}" \
-            '{ body: $body }')
-            
-          response=$(curl -s -o response.json -w "%{http_code}" \
-            -X POST \
-            -H "Accept: application/json" \
-            -H "Authorization: token ${BOT_GITEA_TOKEN}" \
-            -H "Content-Type: application/json" \
-            -d "$payload" \
-            "${RINOA_GITEA_URL}/api/v1/repos/${GITHUB_REPOSITORY}/pulls/${PR_NUMBER}/reviews")
-
-  dry-run-merge-pr:
-    runs-on: ubuntu-latest
-    name: Dry Run & PR Merge
-    needs: sonarqube-analysis
-    if: needs.sonarqube-analysis.outputs.qg_status == 'PASSED'
-    steps:
-      - name: Checkout Code
-        uses: actions/checkout@v4
-        
-      - name: Generate Ephemeral .env for Docker Compose Dry Run
-        run: |
-          echo "${{ secrets.RINOA_ENV }}" > .env
-
-      - name: Docker Compose Dry Run
-        uses: s3i7h/spin-up-docker-compose-action@v1.2
-        env:
-          DOCKER_HOST: tcp://dockerproxy:2375
-        with:
-          file: docker-compose.yml
-          pull: true
-          pull-opts: --dry-run
-          up: true
-          up-opts: -d --dry-run
-
-      - name: Tea CLI Setup & PR Merge
-        run: |
-          curl -sSL https://dl.gitea.com/tea/main/tea-main-linux-amd64 -o /usr/local/bin/tea
-          chmod +x /usr/local/bin/tea
-          echo "Merging PR..."
-          tea login add --name gitea-rinoa --url "${{ vars.RINOA_GITEA_URL }}" --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token "${{ secrets.BOT_GITEA_TOKEN }}"
-          pr_index=$(tea pr ls --repo ${{ github.repository }} --state open --output csv | egrep "${{ gitea.ref_name }}" | awk -F, '{print $1}' | sed -e 's|"||g')
-          tea pr m --repo ${{ github.repository }} --title "Auto Merge" --message "Merged by ${{ gitea.actor }}" --output table ${pr_index}

.gitea/workflows/deployment.yml

@@ -0,0 +1,75 @@
+name: Gitea Branch PR, SonarQube Analyze, and Merge Workflow
+
+on:
+  push:
+    branches-ignore:
+      - main
+
+jobs:
+  # Job 1: Check if PR exists and create one if the branch is new
+  check-and-create-pr:
+    name: Check and Create PR
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v4
+
+      - name: PR list
+        id: list-prs
+        run: |
+          curl -sSL https://dl.gitea.com/tea/main/tea-main-linux-amd64 -o /usr/local/bin/tea
+          chmod +x /usr/local/bin/tea
+          echo "Listing PRs..."
+          tea login add --name gitea-rinoa --url ${{ vars.RINOA_GITEA_URL }} --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token ${{ secrets.BOT_GITEA_TOKEN }}
+          pr_state=$(tea pr ls --repo ${{ github.repository }} --state open --output csv | egrep 'open|closed|merged' | awk -F, '{print $3}' | sed -e 's|"||g')
+          echo "pr_state=$(echo ${pr_state})" >> "$GITHUB_OUTPUT"
+
+      - name: Create PR
+        if: steps.list-prs.outputs.pr_state == 'closed'
+        uses: arifer612/Gitea-PR-action@v1.2.0
+        with:
+          url: ${{ gitea.server_url }}
+          token: ${{ secrets.BOT_GITEA_TOKEN }}
+          assignee: ${{ gitea.actor }}
+
+  docker-compose-test:
+    name: Docker Compose Test
+    needs: [create-pr]
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Generate ephemeral .env compose file
+        id: generate-env-file-pr
+        run: |
+          echo "${{ secrets.RINOA_ENV }}" > .env
+
+      - name: Docker Compose Lint
+        uses: yu-ichiro/spin-up-docker-compose-action@v1
+        with:
+          file: docker-compose.yml
+          pull: true
+          pull-opts: --dry-run
+          up: true
+          up-opts: --dry-run -d --remove-orphans
+        env:
+          DOCKER_HOST: tcp://dockerproxy:2375
+
+  merge-pr:
+    name: PR Merge
+    runs-on: ubuntu-latest
+    needs: [docker-compose-test]
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Tea CLI Setup & PR Merge
+        run: |
+          curl -sSL https://dl.gitea.com/tea/main/tea-main-linux-amd64 -o /usr/local/bin/tea
+          chmod +x /usr/local/bin/tea
+          echo "Merging PR..."
+          tea login add --name gitea-rinoa --url ${{ vars.RINOA_GITEA_URL }} --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token ${{ secrets.BOT_GITEA_TOKEN }}
+          echo ${{ gitea.ref_name }}
+          pr_index=$(tea pr ls --repo ${{ github.repository }} --state open --fields index,title,head,state --output csv | egrep ${{ gitea.ref_name }} | awk -F, '{print $1}' | sed -e 's|"||g')
+          tea pr m --repo ${{ github.repository }} --title "Auto Merge" --message "Merged by ${{ gitea.actor }}" --output table ${pr_index}

.gitignore

@@ -1 +1,2 @@
-**/.env*
+**/.env*
+**/*env*

docker-compose.yml

@@ -877,6 +877,8 @@ services:
       - VOLUMES=1
       - LOG_LEVEL=debug
     image: ghcr.io/tecnativa/docker-socket-proxy:latest
+    labels:
+      komodo.skip: s
     networks:
       default: null
     ports:
@@ -2672,6 +2674,7 @@ services:
       homepage.href: https://komodo.${MY_TLD}
       homepage.icon: /icons/komodo.png
       homepage.description: Open-source note taking & to-do
+      komodo.skip: a
       swag: enable
       swag_url: komodo.${MY_TLD}
       swag_port: 9120
@@ -2687,7 +2690,7 @@ services:
       - komodo-pg-db
     image: ghcr.io/ferretdb/ferretdb
     labels:
-      komodo.skip: # Prevent Komodo from stopping with StopAllContainers
+      komodo.skip: a
     restart: unless-stopped
     expose:
       - 27017
@@ -2705,7 +2708,7 @@ services:
       - 8120
     image: ghcr.io/mbecker20/periphery:latest
     labels:
-      komodo.skip: 
+      komodo.skip: a
     restart: always
     volumes:
       - /proc:/proc
@@ -2717,6 +2720,8 @@ services:
       POSTGRES_DB: komodo
     expose:
       - 5432
+    labels:
+      komodo.skip: a
     image: postgres:17-alpine
     restart: unless-stopped
     volumes:
@@ -3235,6 +3240,14 @@ services:
       - TZ=${TZ}
       - PUID=${PUID}
       - PGID=${PGID}
+      - MALOJA_URL=http://maloja:42010
+      - MALOJA_API_KEY=${MALOJA_API_KEY}
+      - LASTFM_API_KEY=${LASTFM_API_KEY}
+      - LASTFM_API_SECRET=${LASTFM_API_SECRET}
+      - LZ_USER=Trez.on
+      - LZ_TOKEN=${MALOJA_LISTENBRAINZ_TOKEN}
+      - SPOTIFY_CLIENT_ID=${YOUR_SPOTIFY_ID}
+      - SPOTIFY_CLIENT_SECRET=${YOUR_SPOTIFY_SECRET}
     image: foxxmd/multi-scrobbler
     labels:
       - homepage.group=Media Library
@@ -4616,6 +4629,7 @@ services:
       - swag_port=81
       - swag_url=swag.${MY_TLD}
       - swag_auth=authelia
+      - komodo.skip=a
       - swag.uptime-kuma.enabled=true
       - swag.uptime-kuma.monitor.url=https://swag.${MY_TLD}
       - homepage.group=Infrastructure/App Performance Monitoring
@@ -6965,27 +6979,25 @@ services:
   zitadel:
     container_name: zitadel
     image: ghcr.io/zitadel/zitadel:latest
-    command: 'start-from-init --masterkeyFromEnv  --config /config.yaml --config secrets.yaml --config init-steps.yaml --tlsMode external'
+    command: 'start-from-init --masterkeyFromEnv --config /config.yaml --config /secrets.yaml --config /init-steps.yaml --tlsMode external'
     # depends_on:
     #   zitadel-pg-db:
     #     condition: 'service_healthy'
     environment:
-      ZITADEL_DATABASE_POSTGRES_DATABASE: zitadel
-      ZITADEL_DATABASE_POSTGRES_USER_PASSWORD: ${ZITADEL_DB_PASSWORD}
-      ZITADEL_DATABASE_POSTGRES_ADMIN_PASSWORD: ${ZITADEL_DB_ADMIN_PASSWORD}
       ZITADEL_MASTERKEY: ${ZITADEL_MASTER_KEY}
     expose:
       - 8080
     labels:
-      - swag=enable
-      - swag_proto=http
-      - swag_port=8080
-      - swag_url=zitadel.${MY_TLD}
-      - homepage.group=System Administration
-      - homepage.name=Zitadel
-      - homepage.href=https://id.${MY_TLD}
-      - homepage.icon=zitadel.svg
-      - homepage.description=Centralized authentication management
+      swag: enable
+      swag_proto: http
+      swag_port: 8080
+      swag_url: id.${MY_TLD}
+      swag_server_custom_directive: http2 on;
+      homepage.group: System Administration
+      homepage.name: Zitadel
+      homepage.href: https://id.${MY_TLD}
+      homepage.icon: zitadel.svg
+      homepage.description: Centralized authentication management
     volumes:
       - ${DOCKER_VOLUME_CONFIG}/zitadel/config.yaml:/config.yaml
       - ${DOCKER_VOLUME_CONFIG}/zitadel/init-steps.yaml:/init-steps.yaml